subject:"\[TLS\] A question for TLS middle\-box\/middleware vendors\/implementers"

Re: [TLS] A question for TLS middle-box/middleware vendors/implementers

2018-01-28 Thread Yoav Nir

Hi, Thomas Inline > On 28 Jan 2018, at 12:19, Fossati, Thomas (Nokia - GB/Cambridge, UK) > wrote: > > Hi Yoav, > > Thanks for the answers - much appreciated. > > On 27/01/2018, 19:31, "Yoav Nir" wrote: >> The length field is byte-aligned. So

Re: [TLS] A question for TLS middle-box/middleware vendors/implementers

2018-01-28 Thread Fossati, Thomas (Nokia - GB/Cambridge, UK)

Hi Yoav, Thanks for the answers - much appreciated. On 27/01/2018, 19:31, "Yoav Nir" wrote: > The length field is byte-aligned. So any implementation of a TLS > parser or TLS proxy will do one of two things: > > 1. Consider the MSB to be a must-be-zero bit and drop any

Re: [TLS] A question for TLS middle-box/middleware vendors/implementers

2018-01-27 Thread Yoav Nir

> On 27 Jan 2018, at 18:30, Fossati, Thomas (Nokia - GB/Cambridge, UK) > wrote: > > Hi TLS middle-box/middleware folks, > > If length's MSB in a D?TLS{Ciphertext,Plaintext,Compressed} record is > set, how does your software react? > > Is it going to drop the

[TLS] A question for TLS middle-box/middleware vendors/implementers

2018-01-27 Thread Fossati, Thomas (Nokia - GB/Cambridge, UK)

Hi TLS middle-box/middleware folks, If length's MSB in a D?TLS{Ciphertext,Plaintext,Compressed} record is set, how does your software react? Is it going to drop the session/record or not bothering at all? I'm trying to understand a bit better whether and when it'd be safe to grab that bit and